Revocation status using other credentials

ABSTRACT

Providing revocation status of at least one associated credential includes providing a primary credential that is at least initially independent of the associated credential, binding the at least one associated credential to the primary credential, and deeming the at least one associated credential to be revoked if the primary credential is revoked. Providing revocation status of at least one associated credential may also include deeming the at least one associated credential to be not revoked if the primary credential is not revoked. Binding may be independent of the contents of the credentials and may be independent of whether any of the credentials authenticate any other ones of the credentials. The at least one associated credential may be provided on an integrated circuit card (ICC). The ICC may be part of a mobile phone or a smart card.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims priority to U.S. provisional patent applicationNo. 61/498,008 filed on Jun. 17, 2011, which is incorporated byreference herein.

TECHNICAL FIELD

This application is related to the field of secure communications and,more particularly, to cryptographic key management and the establishmentof a protected communication channel between entities.

BACKGROUND OF THE INVENTION

Different types of authentication, such as PKI certificateauthentication, may be used for controlling access to organizationfacilities, computer networks, and/or almost any other secure system.Users desiring access carry personal authentication devices such ascontact or contactless smart cards or secure elements of NFC mobilephones, or any device that offers protection of a private key (orsimilar) corresponding to the authentication. As an example of personalauthentication device, FIPS 201 mandates US Federal Agencies to providetheir Employees with Personal Identity Verification cards (PIV) for thepurpose of controlling access to federal government assets. FIPS 201compliant PIV cards are equipped with several X.509 PKI certificates forRSA 2048-bit public keys (and other public key certificates, attributecertificates or credentials) and protect the corresponding private keysthat are bound to the device. Although PKI key pairs and certificatesmay be prepared outside the personal authentication device, the privatekey—and matching public key—may be generated inside the device to ensureits uniqueness and exclusive binding to the device.

A PKI certificate authentication process requires reading thecertificate from the personal authentication module, proving ownershipof the private key using a challenge response or other key confirmationmechanism, verifying the certificate signature, verifying that thecertificate was issued by a trusted issuer, verifying the certificatevalidity against the expiration date, and determining the revocationstatus, etc. For X.509 digital certificates, a certificate revocationcheck may be performed using either a Certificate Revocation List (CRL)or using an OCSP responder, or other method. It is useful to determinethe revocation status of a certificate since a revoked certificate mayindicate a security breach with respect to the corresponding private keyand/or revocation of the privileges/access granted to the certificateholder. For example, if a government employee is issued a PIV cardhaving one or more certificates that expire at a certain date, but theemployee leaves his employment prior to that date, it is useful torevoke any certificates or other credentials associated with the PIVcard. When the status of a certificate is revoked, the certificateshould not be considered valid, and any security process relying on thevalidity of the certificate should consider the certificate as invalid.Also, a process that determines that a certificate is invalid when thecertificate date information is valid and/or any cryptogram associatedwith the certificate can be verified may infer that the certificatestatus is revoked.

However, in some cases, determining the revocation status of aparticular certificate may be impractical or impossible. For example, inthe case of X.509 certificate revocation information, there may be atime delay in connection with propagating revocation information foreach and every certificate associated with a user that has changedstatus and/or associated with an authentication entity that has beencompromised. In addition, for some types of authentication mechanisms,there may not be an available or practical revocation mechanism fordetermining whether the authentication has been revoked. Also,revocation of multiple certificates or other credentials that need toshare the same revocation status may be redundant so that multiplerevocation status update transactions that are substantially similarneed to be executed.

It would be useful to provide a revocation mechanism that can providetimely and accurate revocation status for different types ofcredentials.

SUMMARY OF THE INVENTION

According to the system described herein, providing revocation status ofat least one associated credential includes providing information abouta primary credential that is cryptographically independent of theassociated credential, binding the at least one associated credential tothe primary credential, and deeming the at least one associatedcredential to be revoked if the primary credential is revoked. Providingrevocation status of at least one associated credential may also includedeeming the at least one associated credential to be not revoked if theprimary credential is not revoked. Binding the at least one associatedcredential to the primary credential may be independent of the contentsof the credentials and may be independent of whether any of thecredentials authenticate any other ones of the credentials. The at leastone associated credential may be provided on a first integrated circuitcard (ICC). The first ICC may be part of a mobile phone or a smart card.The primary credential may be provided on a host that communicates withthe first ICC. A host may communicate with the first ICC and the primarycredential may be provided external to the host and external to thefirst ICC. The primary credential may be provided on a second ICC thatis separate from the first ICC. A single primary credential may be boundto a plurality of associated credentials so that revocation status ofall of the associated credentials varies according to revocation statusof the primary credential. The at least one associated credential may beimplemented using iClass, Elliptic Curve Cryptography (ECC), X.509, CardVerifiable Certificate, or symmetric key cryptography. The primarycredential may be an X.509 digital certificate.

According further to the system described herein, computer software,provided in a non-transitory computer-readable medium, providesrevocation status of at least one associated credential. The softwareincludes executable code that accesses information about a primarycredential that is cryptographically independent of the associatedcredential, executable code that binds the at least one associatedcredential to the primary credential, and executable code that deems theat least one associated credential to be revoked if the primarycredential is revoked. The software may also include executable codethat deems the at least one associated credential to be not revoked ifthe primary credential is not revoked. Binding the at least oneassociated credential to the primary credential may be independent ofthe contents of the credentials and may be independent of whether any ofthe credentials authenticate any other ones of the credentials. The atleast one associated credential may be provided on a first integratedcircuit card (ICC). The first ICC may be part of a mobile phone or asmart card. The primary credential may be provided on a host thatcommunicates with the first ICC. A host may communicate with the firstICC and the primary credential may be provided external to the host andexternal to the first ICC. The primary credential may be provided on asecond ICC that is separate from the first ICC. A single primarycredential may be bound to a plurality of associated credentials so thatrevocation status of all of the associated credentials varies accordingto revocation status of the primary credential. The at least oneassociated credential may be implemented using iClass, Elliptic CurveCryptography (ECC), X.509, Card Verifiable Certificate, or symmetric keycryptography. The primary credential may be an X.509 digitalcertificate.

BRIEF DESCRIPTION OF THE DRAWINGS

Embodiments of the system described herein are explained with referenceto the several figures of the drawings, which are briefly described asfollows.

FIG. 1 is a schematic illustration showing an Integrated Circuit Card(ICC) and a host according to an embodiment of the system describedherein.

FIG. 2 is a schematic illustration showing an Integrated Circuit Card(ICC) with associated and primary credentials according to an embodimentof the system described herein.

FIG. 3 is a flow diagram showing processing in connection withauthenticating and determining revocation status of an associatedcredential accord according to an embodiment of the system describedherein.

FIG. 4 is a schematic illustration showing an Integrated Circuit Card(ICC) with an associated credential and a host with a primary credentialaccording to an embodiment of the system described herein.

FIG. 5 is a schematic illustration showing an Integrated Circuit Card(ICC) with an associated credential and a host where a primarycredential is provided outside the ICC and the host according to anembodiment of the system described herein.

FIG. 6 is a schematic illustration showing a primary credential and aplurality of associated credentials according to an embodiment of thesystem described herein.

DETAILED DESCRIPTION OF VARIOUS EMBODIMENTS

FIG. 1 is a diagram of a system 100 that includes a host 102 incommunication with an integrated circuit card (ICC) 104. The host 102may be a terminal and/or server with protected access. Generally, thehost 102 may be any other unit or collection of units capable ofestablishing a logical communication channel with a device, such as theICC 104. The host 102 may include a client application 106 and a secureapplication module (SAM) 108. Although discussed principally herein inconnection with use the SAM 108, the system described herein may alsooperate in connection with devices using a trusted platform module(TPM), hardware security module (HSM) and/or other type of cryptographicmodule, such as a software module, or a module embedded in a CPU.Furthermore, although the client application 106 is shown and discussedprincipally herein as a separate component with separate functionalityfrom the SAM 108, in other embodiments, the client application 106 maybe incorporated into the SAM 108.

The ICC 104, such provided on a smart card, mobile phone and/or othersimilar device, communicates with SAM 108 via the host 102 using acontact or contactless interface. The system 100 may provide securecontact or contactless communication between the ICC 104 and the host102 using any appropriate mechanism to provide protection from attacksthat include skimming, sniffing and man-in-the middle attacks and mayprovide forward secrecy, as further discussed elsewhere herein. Thesystem described herein may operate in compliance with NISTcryptographic mandates, including NIST SP 800-56A or 800-56B (which isincorporated herein by reference), NIST SP 800-57 Part 1, entitled“Recommendation for Key Management” by Elaine Barker et al. (revised,March 2007), which is incorporated herein by reference, and FederalInformation Processing Standards (FIPS) 140-2, entitled “SecurityRequirements for Cryptographic Modules,” May 25, 2001, with changenotice Dec. 3, 2002, which is incorporated herein by reference. Thesystem 100 may further include the ability to fulfill NSArecommendations on the choice of cryptography (SUITE-B). The system 100may support full secure messaging for application data or key exchange.It should be noted that other appropriate standards may also be utilizedin connection with the system described herein, as would be understoodby one of ordinary skill in the art.

Integration specifications for the host 102, the SAM 108, and/or the ICC104 interfaces may be provided for the system described herein. For theclient application 106, the integration may use a single command fromthe ICC 104 that includes a public key and identification data generatedby the SAM 108. A response by the ICC 104 may be directly forwarded tothe SAM 108 for processing. The SAM 108 may return authenticatedcredentials for the ICC 104. Session keys (e.g., symmetric session keys)may be established on both sides.

In an embodiment herein, the client application 106 calls the SAM 108 togenerate an ephemeral Elliptical Curve (EC) key pair. The clientapplication 106 then sends an authentication command to the ICC 104,including a public ephemeral key. Then, the client application 106forwards the authentication response of the ICC 104 as a secondauthentication command to the SAM 108. If successful, then session keysare established on both sides. The client application 106 buildsapplication protocol data unit (APDU) commands, calls the SAM 108 towrap (encapsulate) the APDU commands, and then sends the wrappedcommands to the ICC 104. In an embodiment, the APDU interface may be anISO 7816-4 card edge interface.

The system 100 may provide authentication, such as PKI authentication,of a smart card and/or mobile phone with a secure element that may bepresented to one or more hosts. The hosts may include one or more hoststhat are part of and/or otherwise incorporated into a door or doorcontroller for controlling physical access and into desktops, laptopsand/or kiosks for controlling logical access. Use of secure messagingprovides an end-to-end protected path for document or transactiondecryption and signatures using the secure element or smart card. Theend-to-end secure messaging may provide for the transport of PIN orbiometrics or physical access control system (PACS) credentials viacontactless communication. The system described herein may also be usedin connection with PKI-based authentication and ticketing for transitapplications. The system described herein may further be used to provideend-to-end post issuance management of the smart card or secure elementin a contact or contactless environment.

Note that authentication of the ICC 104 by the host 102 may includereceiving authentication information from the ICC 104. Theauthentication information from the ICC 104 can take any form, includinga X.509 PKI digital certificate, an EC digital certificate, or someother appropriate form. In some cases, the authentication informationmay be embedded by the manufacturer/issuer of the ICC 104 while in othercases the authentication information may be loaded on to the ICC 104some time after manufacture/issuance. Note that it is also possible tohave a combination where some authentication information is provided bythe manufacturer/issuer and the information is updated and/or replacedat a following time by new authentication information. It is alsopossible to have authentication information on the ICC 104 that does notexpire.

In some cases, authentication information on the ICC 104 may include anexpiration date of the authentication information, after which the ICC104 is no longer considered valid. For example, an X.509 PKI digitalcertificate may contain an expiration date. Once the authenticationinformation on the ICC 104 has expired, a user either obtains a new ICCor updates/replaces the authentication information on the ICC 104 withauthentication information having a new expiration date.

Sometimes it is desirable to revoke authentication information providedon the ICC 104. For example, if the ICC 104 is an identification/accessbadge of an employee that leaves a company, the company would like toimmediately revoke the ICC 104 so that the ex-employee no longer hascompany access. This is especially important in instances where thecompany does not have an opportunity to take physical possession of thebadge, such as when an ex-employee is hostile to the company. In someinstances, authentication information is provided in a form thatprovides an effective revocation mechanism, such as X.509 digitalcertificates. However, in other instances, there may be nostraight-forward revocation mechanism.

Referring to FIG. 2, the ICC 104 is shown in detail as including anassociated credential (CR 1) 502 and a primary credential (CR 2) 504.The associated credential 502 may be used to authenticate the ICC 104while the primary credential 504 may be used to provide revocationstatus for the associated credential 502. The credentials 502, 504 maybe the same type of credential (e.g., both of the credentials 502, 504are X.509 digital certificates) or the credentials 502, 504 may bedifferent types of credentials (e.g., the associated credential 502 usesECC and a Card Verifiable Certificate (CVC) and the primary credential504 is an X.509 digital certificate).

Although the primary and associate credentials 502, 504 may have manythings in common (certificate subject, issuer id, etc.), the credentials502, 504 are cryptographically independent so that there is no direct orindirect cryptographic relationship between the associated credential502 and the primary credential 504. Cryptographic independence may bedistinguished from current PKI technology (and similar), wherecredentials may belong to the same certification path (chain) so thatthe secrets and/or private key associated with one credential are usedto form cryptograms that are necessary to establish trust in anothercredential. Note that cryptographic dependence between two credentialscan be direct or indirect. Cryptographic dependence between credentialsis direct when a cryptographic operation applies one of the secrets/keysof one of the credentials directly to the other one of the credentials.Cryptographic dependence between credentials is indirect when acryptographic operation applies one of the secrets/keys of one of thecredentials to at least one intermediary credential that appliessecrets/keys thereof directly to the other one of the credentials.

The credentials 502, 504 being cryptographically independent means thatno secrets and/or private key associated with one of the credentials502, 504 is used to form cryptograms, directly or indirectly, that arenecessary to establish trust in the other one of the credentials 502,504. Thus, without more (e.g., binding the credentials 502, 504,discussed in detail elsewhere herein), a change in revocation status ofone of the credentials 502, 504 does not automatically change therevocation status of the other one of the credentials 502, 504. This isin contrast with a cryptographically dependent PKI certificate chain,where if a credential higher in the chain is revoked, then a certificatelower in the chain is automatically revoked too.

Following creation of the credentials 502, 504, there is a binding sothat the revocation state of the associated credential 502 is tied tothe revocation state of the primary credential 504 where the associatedcredential 502 is deemed revoked if the primary credential 504 isrevoked. In some cases, the associated credential 502 is deemed notrevoked if the primary credential is not revoked while in other casesthe associated credential 502 may be revoked independently of therevocation state of the primary credential 504. Under such a system, theassociated credential 502, which authenticates the ICC 104, can use anytype of authentication mechanism, including a non-revocableauthentication mechanism.

As an example of using different types of credentials, the ICC 104 maybe used for opening a door for the holder of the ICC 104. The associatedcredential 502 may be implemented using ECC and CVC to facilitate rapidprocessing when the user presents the ICC to the door controller (i.e.,the host 102). The primary credential 504 may be an X.509 certificate.When the ICC 104 provides authentication to the host 102, the host 102can confirm the associated credential 502 to determine whether to openthe door and, in parallel, can check the revocation status of theprimary credential 504 using conventional X.509 certificate revocationdata (i.e., CRL information, OCSP response, etc.). If the primarycredential 504 is revoked, then the associated credential 502 is deemedrevoked. Thus, even if the ICC 104 is properly authenticated using theassociated credential 502 which itself is not revoked, the doorcontroller (host 102) does not open the door if the primary credential504 has been revoked. Accordingly, the system described herein mayprovide for effective revocation of otherwise non-revocable credentials.Note also that, even in instances where the associated credential 502 isrevocable, it may still be advantageous to use the primary credential504 as a surrogate for the revocation status of the associatedcredential 502.

Any appropriate mechanism may be used to bind the cryptographicallyindependent credentials 502, 504. Thus, the binding may be provided by adata structure that relates the two credentials and/or some other dataprovided that is accessible to any entities that rely on the bindingand/or that modify the binding. For example, the binding mechanism maybe an indication at the host 102 that associated credential 502 isdeemed to be revoked if the primary credential 504 is revoked. For afirst alternative, binding the associated credential 502 to the primarycredential 504 may be done by including a reference to the primarycredential 504 within the information for the associated credential 502at the time of issuance of the associated credential 502. For a secondalternative, the binding may be performed by including the same user orunique device identifier in both of the credentials 502, 504 at the timeof issuance of the credentials 502, 504. For either alternative, uponpresentation of the associated credential 502, the host 102 may read thereference to the primary credential 504 from the associated credentialand searches for the revocation status of the primary credential 504 viaa CRL, OCSP or other method.

For another alternative, the binding may be independent of the contentsof the credentials 502, 504 and may be independent of whether any of thecredentials 502, 504 authenticate any other ones of the credentials 502,504. Thus, there may be no binding information provided with thecontents of either of the credentials 502, 504. For instance, an accesscontrol system may determine the binding between the associatedcredential 502 and the primary credential 504 at registration time, whenthe same person can prove ownership of both of the credentials 502, 504

Testing the revocation status of the primary credential 504 may includealso authenticating the primary credential 504, where, if the primarycredential 504 cannot be authenticated, the primary credential 504 isdeemed revoked. Note also that, in some cases, the ICC 104 may simplyidentify an authenticable credential stored in a location outside theICC 104. For example, the ICC 104 could simply identify a serial numberof an X.509 digital certificate (primary credential), which can bechecked against a CRL for revocation status.

Referring to FIG. 3, a flow chart 510 illustrates in detail processingperformed by the host 102 in connection with authenticating the ICC 104when the ICC 104 uses associated and primary credentials 502, 504.Processing begins at a first step 512 where the host 102 obtains theassociated credential 502 (e.g., from the ICC 104). Following the step512 is a test step 514 where it is determined if the associatedcredential 502 is valid. The test at the step 514 determines if theassociated credential 502 is revoked and whether the associatedcredential 502 properly authenticates the ICC 104. Note that theassociated credential 502 may use any appropriate authenticationmechanism and/or revocation mechanism. In some cases, the associatedcredential 502 may use a non-revocable authentication mechanism, inwhich case the test at the step 514 determines authentication of theassociated credential 502 but not revocation status.

If it is determined at the test step 514 that the associated credential502 is valid (properly authenticates the ICC 104 and is not revoked),then control passes from the test step 514 to a step 516 where the host102 obtains the primary credential 504 from the ICC 104. Following thestep 516 is a test step 518 where it is determined if the primarycredential 504 is revoked. As discussed elsewhere herein, in some cases,prior to determining the revocation status of the primary credential504, it may be useful to first authenticate the primary credential 504.Thus, in some cases, the test step 518 may represent a combinedauthentication/revocation test of the primary credential 504.

If it is determined at the test step 518 that the primary credential isrevoked, then control passes from the test step 518 to a step 522 whereaccess denial processing is performed, as discussed elsewhere herein.Following the step 522, processing is complete. Note that the step 522is also reached from the step 514 if the associated credential is notvalid (i.e., is revoked or does not authenticate the ICC 104). Thus, theprimary credential 504 is a surrogate for the associated credential 502in that, if the primary credential 504 is revoked, access is denied justas if the associated credential 502 had been revoked, irrespective ofthe revocation status of the associated credential 502 and evenirrespective of whether the associated credential 502 is revocable atall. If it is determined at the test step 518 that the primarycredential is not revoked, then control passes from the test step 518 toa step 524 where access is allowed. Following the step 524, processingis complete.

Note that, although the associated credential 502 is deemed revoked ifthe primary credential 504 is revoked, the reverse may not necessarilybe true. That is, in some embodiments, the associated credential 502 maybe revoked independently of the revocation status of the primarycredential 504 so that the associated credential 502 is revoked but theprimary credential 504 is not. In other embodiments, such as embodimentswhere the associated credential 502 is irrevocable, the revocation stateof the associated credential 502 tracks the revocation state of theprimary credential 504.

Referring to FIG. 4, a diagram 530 illustrates an alternativeconfiguration in which the associated credential 502 is provided withthe ICC 104, but a primary credential 504′ is stored on the host 102.The primary credential 504′ is used just like the primary credential 504described elsewhere herein, except that, instead of being stored on theICC 104, the primary credential 504′ is provided on the host 102. Thus,for the configuration illustrated by the diagram 530, it is notnecessary for the host 102 to obtain the primary credential 504′ fromthe ICC 104. The primary credential 504′ may be provided to the host 102from any number of sources, including an initial transfer from the ICC104, a secure transfer over the Internet from a remote host (not shown),a user inserting a USB drive or a disk (containing the primarycredential 504′) into a reader at the host 102, etc.

Referring to FIG. 5, a diagram 540 illustrates an alternativeconfiguration in which the associated credential 502 is provided withthe ICC 104, but a primary credential 504″ is stored outside both thehost 102 and the ICC 104. The primary credential 504″ is used just likethe primary credential 504 and the primary credential 504′ describedelsewhere herein, except that, instead of being stored on either thehost 102 or the ICC 104, the primary credential 504″ is providedexternal to both. Thus, for the configuration illustrated by the diagram540, the host 102 obtains the primary credential 504″ from a sourceother than the ICC 104, such as from a remote host (not shown) thattransfers the primary credential 504″ using a secure channel. Thetransfer may be over the Internet or by some other medium. In someembodiments, the primary credential 504″ may be provided on a second ICC104′ that is separate from the ICC 104 that contains the associatedcredential 502.

In some embodiments, it may be the responsibility of the entity relyingon the revocation status (e.g., the host 102) to locate the primarycredential 504″. If the primary credential 504″ is transferred to theICC 104, then the system may operate like that illustrated in FIG. 2 anddescribed above. Alternatively, if the primary credential 504″ istransferred to the host 102, then the system may operate like thatillustrated in FIG. 4 and described above. In some embodiments, it isnot necessary to provide the primary credential 504″ itself, but onlyinformation about the primary credential 504″ (e.g., serial number) sothat the revocation status of the primary credential 504″ can bechecked.

As an example of the system illustrated in FIG. 5, the ICC 104 maycorrespond to a cell phone issued to a user. The host 102 may correspondto a door controller that opens a secure door. The associated credential502 is stored in the cell phone that the user presents to the host 102to open the door. The user may also have a PIV card that corresponds tothe second ICC 104′ and that contains the primary credential 504″. Solong as the primary credential 504″ is not revoked, the user can openthe door using the associated credential 502 on the ICC 104 (cellphone). However, if the host 102 detects that the primary credential504″ has been revoked (e.g., the PIV card 104′ is no longer valid), thenthe host 102 deems the associated credential 502 to also be revoked sothat the ICC 104 (cell phone) can no longer be used to open the securedoor. If the cell phone (ICC 104) is lost or stolen, but the PIV (secondICC card 104′) is not, it may be possible to revoke the associatedcredential 502, but not the primary credential 504″. Thus, revocation ofthe primary credential 504″ guarantees revocation of the associatedcredential 502, but non-revocation of the primary credential 504″ doesnot guarantee non-revocation of the associated credential 502.

Referring to FIG. 6, a diagram 550 illustrates a primary credential 552being bound to a plurality of associated credentials 554-556. Revocationstatus of all of the associated credentials 554-556 varies according tothe revocation status of the primary credential 552. Thus, if theprimary credential 552 is revoked, all of the associated credentials554-556 are deemed revoked. One use of a system like that illustrated bythe diagram 550 is a situation where each of the associated credentials554-556 relates to a separate device that a user is issued as anemployee of a company (e.g., cell phone, parking pass, access card,etc.) and the revocation state of the primary credential 552 correspondsto the user's employment status with the company. If the user leaves thecompany, the primary credential 552 is revoked, thus causing all of theassociated credentials 554-556 to be effectively revoked.

In some embodiments, the primary credential may contain a pointer orother identifier that indicates the associated credential(s). It is alsopossible for the associated credential(s) to contain pointer(s) or otheridentifier(s) that indicates the primary credential. In otherembodiments, none of the primary credential or the associatedcredential(s) contain any indication of the others. It is also possiblefor one or more of the associated credentials to have the same or asimilar identifier as the primary credential. In other embodiments, theidentifiers may be independent. One or more of the associated andprimary credentials may be authenticated, at least partially, by anotherone of the associated and primary credentials. Note that the systemdescribed herein may be used in instances where the associatedcredential is not revocable (and/or not easily revocable), but it isstill desirable to provide an expiration of the ICC 104 after apredetermined amount of time (e.g., one year) by revoking the primarycredential.

An example of the system described herein is to use Elliptic curveauthentication keys or symmetric device authentication keys on a PIVcard to accelerate contactless PKI authentication at a door. A key pairand a Card Verifiable Certificate (CVC) may be used as a primarycredential to authenticate the personal authentication device. Theprimary credential may be located on the same device as the PIV card,but may be logically separated from the PIV application, and provide adifferent level of trust. A secure channel session key established fromthe CVC authentication may be used to authenticate a reference to a PIVcertificate that is encrypted with the session key. Accordingly, the PIVcertificate reference is bound to the session keys and the static keyand CVC. Since the reference to the PIV certificate is trusted to bebound to the keys and the device, the verification process at the doorcontroller may verify the PIV certificate revocation status andadditional attributes such as its expiration date to determine if thedevice being presented is valid.

Another example is a primary credential that is located on a devicedistinct from the device holding the primary PKI certificate. Anembedded secure element of a mobile phone may use iClass keys forauthentication that are bound to the primary PIV credential stored inthe original separate PIV card of the device owner. The mobile phone maybe used to access a mass transit system using the iClass keys. Using theprocess described herein, the mobile phone provides the identifier ofthe primary PIV card certificate, authenticated from the iClass keys.The primary PIV certificate status may be retrieved and used at the doorcontroller to determine if the mobile phone can be considered a validdevice.

The system described herein may be used with anyauthentication/validation technique or combination of techniques.Various embodiments discussed herein may be combined with each other inappropriate combinations in connection with the system described herein.Additionally, in some instances, the order of steps in the flowcharts orflow diagrams may be modified, where appropriate. Further, variousaspects of the system described herein may be implemented usingsoftware, hardware, a combination of software and hardware and/or othercomputer-implemented modules or devices having the described featuresand performing the described functions. Software implementations of thesystem described herein may include executable code that is stored in acomputer readable storage medium and executed by one or more processors.The computer readable storage medium may include a computer hard drive,ROM, RAM, flash memory, portable computer storage media such as aCD-ROM, a DVD-ROM, a flash drive and/or other drive with, for example, auniversal serial bus (USB) interface, and/or any other appropriatetangible storage medium or computer memory on which executable code maybe stored and executed by a processor. The system described herein maybe used in connection with any appropriate operating system.

Other embodiments of the invention will be apparent to those skilled inthe art from a consideration of the specification or practice of theinvention disclosed herein. It is intended that the specification andexamples be considered as exemplary only.

1. A method of providing revocation status of at least one associatedcredential stored on a first device, comprising: providing informationabout a primary credential stored on a second device separate from thefirst device, the primary credential being cryptographically independentof the associated credential; binding the at least one associatedcredential to the primary credential; and deeming the at least oneassociated credential to be revoked if the primary credential isrevoked.
 2. (canceled)
 3. A method, according to claim 1, whereinbinding the at least one associated credential to the primary credentialis independent of the contents of the credentials and is independent ofwhether any of the credentials authenticate any other ones of thecredentials. 4-8. (canceled)
 9. A method, according to claim 1, whereina single primary credential is bound to a plurality of associatedcredentials so that revocation status of all of the associatedcredentials varies according to revocation status of the primarycredential. 10-20. (canceled)
 21. A method, according to claim 1,wherein the second device is a personal identity verification card. 22.A method, according to claim 21, wherein the first device is a mobilephone.
 23. A method, according to claim 21, wherein the at least oneassociated credential includes a card verifiable certificate.
 24. Amethod, according to claim 21, wherein the method is performed tocontrol a door providing access to an area.
 25. A method, according toclaim 1, further comprising: authenticating the primary credential. 26.A method of providing revocation status of at least one associatedcredential of a plurality of associated credentials, comprising:providing information about a primary credential that iscryptographically independent of the associated credential; binding theplurality of associated credentials to the primary credential; anddeeming the at least one associated credential to be revoked if theprimary credential is revoked, wherein revocation statuses of theplurality of associated credentials varies according to revocationstatus of the primary credential.
 27. A method, according to claim 26,wherein the primary credential is provided on a personal identityverification card.
 28. A method, according to claim 27, wherein the atleast associated credential is provided on a mobile phone.
 29. A method,according to claim 27, wherein the at least one associated credentialincludes a card verifiable certificate.
 30. A method, according to claim27, wherein the method is performed to control a door providing accessto an area.
 31. A method, according to claim 26, further comprising:authenticating the primary credential.
 32. A method of providingrevocation status of at least one associated credential, comprising:providing information about a primary credential that iscryptographically independent of the associated credential; binding theat least one associated credential to the primary credential;authenticating the primary credential; and deeming the at least oneassociated credential to be revoked if the primary credential isrevoked.
 33. A method, according to claim 32, wherein the primarycredential is provided on a personal identity verification card.
 34. Amethod, according to claim 33, wherein the at least associatedcredential is provided on a mobile phone.
 35. A method, according toclaim 33, wherein the at least one associated credential includes a cardverifiable certificate.
 36. A method, according to claim 32, wherein themethod is performed to control a door providing access to an area.
 37. Amethod, according to claim 33, further comprising: determining if theprimary credential is revoked, wherein the primary credential isauthenticated prior to determining if the primary credential is revoked.